CVE-2021-31611 - Zh-jieli Ac6925 Firmware, Zh-jieli Ac6926 Firmware and Zh-jieli Ac6928 Firmware

September 7, 2021

Moderate 5.7

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboot the device to restore communication.

Affected software

Zh-jieli Ac6925 Firmware

Zh-jieli Ac6926 Firmware

Zh-jieli Ac6928 Firmware

Zh-jieli Ac6921 Firmware

Zh-jieli Ac6901 Firmware

Reference links

https://launchstudio.bluetooth.com/ListingDetails/58628
https://launchstudio.bluetooth.com/ListingDetails/19746
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
http://www.zh-jieli.com/product/68-cn.html

CVE-2021-31611 - Zh-jieli Ac6925 Firmware, Zh-jieli Ac6926 Firmware and Zh-jieli Ac6928 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software